<?php

require_once("login/src/Model/Password.php");
require_once("login/src/Model/UserInfo.php");
require_once("Database/Model/UserInfoDAL.php");

class LoginValidation
{
	/**
	*@var string
	**/
	private $password;
	/**
	*@var UserInfoDAL
	**/
	private $userInfoDAL;
	/**
	*@var string session
	**/
	private static $logedIn = "LoginValidation::logedIn";
	/**
	*@var string session
	**/
	private static $errorMessage = "LoginValidation::errorMessage";
	/**
	*@var string session
	**/
	private static $loggedInUserID = "LoginValidation::loggedInUserID";
	/**
	*@var string session
	**/
	private static $loggedInUsername = "LoginValidation::loggedInUsername";

	/**
	*@var string session
	**/
	private static $userIp = "LoginValidation::userIp";
	/**
	*@var string session
	**/
	private static $userBrowser = "LoginValidation::userBrowser";


	public function __construct()
	{
		$this->userInfoDAL = new UserInfoDAL();
	}

	/**
	*@param string 
	*@param string 
	*@return boolean
	**/
	public function validateLoginCredentials($username, $password)
	{	
	
		$validUsernameAndPassword = $this->checkUsernameAndPassword($username, $password);
		if($validUsernameAndPassword)
		{
			$password = sha1($password);
			$allUsers = $this->userInfoDAL->getUserList(); 

			foreach($allUsers as $u)
			{	

				if($u->checkForExistingUser($username, $password)) 
				{   
					$_SESSION[self::$loggedInUsername] = $u->getUsername();
					$_SESSION[self::$loggedInUserID] = $u->getUserID();
					$_SESSION[self::$logedIn] = true;
					return true;
				}
			}
			$_SESSION[self::$errorMessage] = "Fel användarnamn och/eller lösenord";
		}
		return false;
	}


	/**
	*@param string 
	*@param string 
	*@return boolean
	**/
	private function checkUsernameAndPassword($username, $password)
	{
		if(strlen($username) == 0)
		{
			$_SESSION[self::$errorMessage] .= "Ett Användarnamn måste anges.";
			return false;
		}
		elseif(strlen($password) == 0 && strlen($username) > 0)
		{
			$_SESSION[self::$errorMessage] .= "Ett Lösenord måste anges.";
			return false;
		}
		return true;
	}



	/**
	*@return boolean
	**/
	public function didWeJustLogOut()
	{
		$_SESSION[self::$errorMessage] = "";
		if($this->weJustLoggedOut())
		{
			$_SESSION[self::$logedIn] = false;
			$_SESSION[self::$loggedInUsername] = "";
			$_SESSION[self::$loggedInUserID] = "";	
			$_SESSION[self::$errorMessage] = "Du har loggats ut";
			return true;
		}
		return false;
	}


	/**
	*@return boolean
	**/
	private function weJustLoggedOut()
	{
		if(isset($_GET['logout']))
		{
			return true;
		}
	}
	

	/**
	*@return boolean
	**/
	public function weAreLoggedIn()
	{
		if(!$this->CheckForValidSessions())
		{
			$this->weJustLoggedOut();
		}
		return true;
	}

	public function login()
	{
		header("Location: Homepage.php");
	}

	/**
	*@return boolean
	**/
	public function CheckForValidSessions()
	{
		if($this->CheckIfWereLoggedIn())
		{ 
			if(!$this->checkForSessionHijack())
			{
				if(isset($_SESSION[self::$loggedInUsername]) && $_SESSION[self::$loggedInUsername] != null &&
				   isset($_SESSION[self::$loggedInUserID]) && $_SESSION[self::$loggedInUserID] != null)
				{
					return true;
				}
			}
			else
			{	
				$_SESSION[self::$logedIn] = false;
				return false;
			}
		}
		return false;
	}

	/**
	*@return boolean
	**/
	private function checkForSessionHijack()
	{
		if($this->GetUserAgentSession() != $_SERVER["HTTP_USER_AGENT"] ||
    	   $this->GetIPSession()        != $_SERVER["REMOTE_ADDR"])
		{
			$_SESSION[self::$errorMessage] = "Sluta lek tjuv med sessionerna.";
			$_SESSION[self::$logedIn] = false;
			return true;
		}
		return false;
	}





	/**
	 * @return string, ip adrs till användaren.
	 */
	private function GetIPSession()
	{
		 return $_SESSION[self::$userIp]; 
	}


	 
	 /**
	 * @return string, vilken webbläsare.
	 */
	private function GetUserAgentSession()
	{
		 return $_SESSION[self::$userBrowser];
	}




	public function DefaultIPandUserAgentValues()
	{
		if(isset($_SESSION[self::$userBrowser]) == false)
		{
			  $_SESSION[self::$userBrowser] = $_SERVER["HTTP_USER_AGENT"];
		}
		 
		if(isset($_SESSION[self::$userIp]) == false)
		{
			  $_SESSION[self::$userIp] = $_SERVER["REMOTE_ADDR"];
		}		
	}



	/**
	*@return boolean
	**/
	public function CheckIfWereLoggedIn()
	{
		if(isset($_SESSION[self::$logedIn]))
		{
			if($_SESSION[self::$logedIn] == true)
			{
				return true;
			}
			return false;
		}
		return false;
	}


	/**
	*@return string session
	**/
	public function getLoggedInUsername()
	{							 
		if(isset($_SESSION[self::$loggedInUsername]))
		{
			return $_SESSION[self::$loggedInUsername];
		}
		return "username är ej satt";
	}

	/**
	*@param int session 
	*@return boolean
	**/
	public function getLoggedInUserID()
	{
		if(isset($_SESSION[self::$loggedInUserID]))
		{
			return $_SESSION[self::$loggedInUserID];
		}
		return 0;
	}


	/**
	*@return string
	**/
	public function getErrorMessage()
	{
		if(isset($_SESSION[self::$errorMessage]))
		{
			return $_SESSION[self::$errorMessage];
		}
		return "";
	}


}